Mirai Botnet
This presentation by Maneth Balasooriya and Jacob Gottschalk covers Mirai, a notorious IoT botnet that launches Distributed Denial-of-Service attacks from compromised devices such as IP cameras and DVRs. It originated from a Minecraft server protection racket and has been involved in major incidents. Its replication module spreads by brute-forcing logins with common credentials, and its attack module launches several types of flood. Infrastructure elements include the report server, loader, command & control, and the botnet's replication and attack modules. Mitigation strategies include eliminating default credentials, auto-patching, and limiting login attempts. The listed sources provide further analysis of the Mirai botnet, including a roadmap to segmentation.
Presentation Transcript
Mirai Botnet
Maneth Balasooriya and Jacob Gottschalk

Overview
- Distributed Denial-of-Service attack via IoT device botnet
- ARC processor Linux devices: IP cameras, DVRs, etc.

Origin
- Minecraft server protection racket
- Source code posted on GitHub

Major Incidents
- KrebsOnSecurity
- OVH
- Dyn

Method
- Replication Module and Attack Module
- Brute force login to IoT device
- Originally 64 common / manufacturer-specified login credentials
- SYN/ACK/GRE/HTTP flood

Infrastructure
- Report Server
- Loader
- Command & Control
- Bot Net
- IoT Victim
- Replication Module
- DDoS Victim
- Attack Module

Mitigation and Defense
- Eliminate default credentials
- Auto-patching
- Limit login attempts
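
The "eliminate default credentials" and "limit login attempts" mitigations, sketched as an added example that is not part of the presentation: a login guard that refuses to start while any account still uses a factory-style pair and locks out a source after repeated failures. The class name, thresholds, credential pairs and events are constructed assumptions.

```python
from collections import defaultdict, deque

# Constructed sample of factory-style pairs; a real audit would load the vendor's list.
DEFAULT_PAIRS = {("admin", "admin"), ("root", "root"), ("user", "user")}
MAX_FAILURES = 3       # assumed: failures allowed per source inside the window
WINDOW_SECONDS = 60    # assumed sliding window
LOCKOUT_SECONDS = 300  # assumed lockout duration

class LoginGuard:
    """Per-source failure limiter in front of a device login service."""
    def __init__(self, accounts):
        # accounts maps user -> password (plaintext only to keep the example short).
        weak = sorted(u for u, p in accounts.items() if (u, p) in DEFAULT_PAIRS)
        if weak:
            raise ValueError(f"default credentials still set for: {weak}")
        self.accounts = accounts
        self.failures = defaultdict(deque)  # source IP -> recent failure times
        self.locked_until = {}              # source IP -> time the lock expires

    def attempt(self, ts, src, user, password):
        """Return 'ok', 'fail' or 'locked' for one attempt at time ts (seconds)."""
        if self.locked_until.get(src, 0) > ts:
            return "locked"                 # rejected before checking the password
        if user in self.accounts and self.accounts[user] == password:
            self.failures.pop(src, None)
            return "ok"
        window = self.failures[src]
        window.append(ts)
        while window[0] <= ts - WINDOW_SECONDS:
            window.popleft()                # drop failures older than the window
        if len(window) >= MAX_FAILURES:
            self.locked_until[src] = ts + LOCKOUT_SECONDS
            window.clear()
        return "fail"

# Constructed events: (time, source IP, user, password) from documentation ranges.
EVENTS = [
    (0, "203.0.113.7", "root", "root"),
    (1, "203.0.113.7", "admin", "admin"),
    (2, "203.0.113.7", "user", "user"),
    (3, "203.0.113.7", "admin", "Unique-Per-Device-1"),    # right password, locked source
    (10, "198.51.100.4", "admin", "Unique-Per-Device-1"),  # other source unaffected
    (400, "203.0.113.7", "admin", "Unique-Per-Device-1"),  # lock expired at t=302
]

def replay(guard, events):
    return [guard.attempt(*e) for e in events]

if __name__ == "__main__":
    print(replay(LoginGuard({"admin": "Unique-Per-Device-1"}), EVENTS))
```

A per-source lockout slows a single scanner but not a distributed one, so it complements removing default credentials rather than replacing it.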
Sources
- USENIX Security 17 - Understanding the Mirai Botnet. https://www.youtube.com/watch?v=1pywzRTJDaY
- Inside the infamous Mirai IoT Botnet: A Retrospective Analysis. https://blog.cloudflare.com/inside-mirai-the-infamous-iot-botnet-a-retrospective-analysis/
- Check Point Research. (2017). IoT Goes Nuclear: Creating a ZigBee Chain Reaction. Check Point Software Technologies Ltd. Available at: https://research.checkpoint.com/iot-goes-nuclear-creating-zigbee-chain-reaction/
- Paxson, V. (2017). Lessons from the Mirai botnet. Communications of the ACM, 60(7), 38-43. Available at: https://dl.acm.org/doi/abs/10.1145/3097193
- Krebs, B. (2016). A peek inside the Mirai botnet. KrebsOnSecurity. Retrieved from https://krebsonsecurity.com/2016/10/a-peek-inside-the-mirai-botnet/
- "Mirai Botnet: A Roadmap to Segmentation," Trend Micro, https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/mirai-botnet-a-roadmap-to-segmentation